New Spectre version haunts chips

Three academics from Northeastern University and three researchers from IBM Research have discovered a new variation of the Spectre CPU vulnerability.

The research team says this new CPU vulnerability is due to a design flaw in the microarchitecture of modern processors that can be exploited by attacking the process of "speculative execution," an optimisation technique used to improve CPU performance.

Codenamed SplitSpectre, the variant changes the way the attack is carried out, making it easier to execute.

The improved exploitation scenario can be run within the attacker's own malicious code, instead of the target's kernel, simplifying the exploitation procedure.

Researchers say that this attack technically extends the length of the speculative execution window, which "is an instrumental part in extending the capabilities of [an][...] attacker."

The attack worked against Intel Haswell and Skylake CPUs and AMD Ryzen processors, via SpiderMonkey 52.7.4, Firefox's JavaScript engine.

The existing Spectre mitigations would thwart the SplitSpectre attacks. This includes CPU microcode updates that CPU vendors have released over the past year, updates to popular code compilers to harden apps against Spectre-like attacks, and the browser-level modifications that browser vendors have shipped with post-January 2018 browser releases to make it infeasible to carry out web-based Spectre attacks.

"All things considered, our analyses lead us to conclude that the attack is viable, and that the ability to trigger it in practice depends on the identified microarchitectural properties of individual CPU families", the researchers said.